debsecan

Debian Security Analyzer, a tool to list vulnerabilities on a particular Debian installation.

TLDR

List vulnerable installed packages on the current host

$ debsecan
copy


List vulnerable installed packages of a specific suite
$ debsecan --suite [release_code_name]
copy


List only fixed vulnerabilities
$ debsecan --suite [release_code_name] --only-fixed
copy


List only fixed vulnerabilities of unstable ("sid") and mail to root
$ debsecan --suite [sid] --only-fixed --format [report] --mailto [root] --update-history
copy


Upgrade vulnerable installed packages
$ sudo apt upgrade $(debsecan --only-fixed --format [packages])
copy

Copied to clipboard